The second part of our discussion on the organizational structure relates to governance, this is a critical consideration. Topics that we're going to discuss, we're going to define what governance actually is. Discuss the importance of governance. We'll look at how you actually achieve governance and take the steps to get to that point. We'll look at some of the key governance concepts and the accountability structure. And importantly, how do you perform governance in a cloud environment? Just reminding ourselves of how this fits in to our strategic model. We've looked at the architecture, we've looked at process, we've looked at organization from a structural point of view, and now we're looking at those critical issues around governance. Governance is of critical importance in the way an organization performs. Its success depends on having a clear authority structure, the right participants, ie, those people who can actually make the decisions, not delegates who can't actually make that decision. And importantly, it's around the clarity of roles, so that we're not doubling up or duplicating or getting into conflict because of misunderstanding. Governance is very simply defined in the way that decisions are made. And it's about who is accountable? Who is responsible? And who is involved in making those decisions? Key concepts around governance actually relate to these things in terms of accountability, responsibility, delegations, the reporting lines and the actual decision making process itself. Decision making is at the crux of governments. What is the hierarchy in there? Who makes the decisions? Who provides the information? What levels of approvals do we need when we're making decisions along the way? In a typical organization, we will have a board of directors who provide governance across the whole organization. We have a chief executive officer who has responsibility for running the organization, taking on board the decisions of the board of directors. Supporting the chief executive officer will be a range of C-class executives, the chief financial officer, the chief information officer, etc. And reporting to these positions will be offices with various levels of delegations, sign off on financial matters or make decisions pertaining to the organizational operations. Importantly, it needs to be aligned with the organizational structure. So that reporting lines from a governance point of view are very clear and communicate up and down the hierarchy of that organization. And the final component of governance that I'd like to discuss are methods and standards. These are critical to good governance. Commonly found examples includes the ISO standards on quality. The capability maturity model that we discussed earlier is a way of an organization understanding and being able to communicate the way that it actually operates. Similarly, the Zachman Architecture provides a standard for the way that we describe, document, and communicate the way our business operates. From a project management point of view, methodology such as PRINCE2 clearly define how we should manage our projects, what we should produce a long the way and who is involved. And from the point of view of developing ICT systems, the development life cycle, mythologies such as PMI or Agile provides that guidance. There is some particular consideration when we're moving to a cloud. Governance needs to be defined very, very clearly because we're now dealing with an external party. What is the make up of our steering committee, for example? Who makes the decision on that steering committee? And what are the delegations and authorities which are attached to that steering committee? So that people are clear about what accountabilities, roles, and obligations they actually had. There are business architecture considerations. How do we control our architecture so that we understand that when we're operating in the cloud, if we're using software as a service or infrastructure as a service for example, how that impacts on our business architecture? And what are the control mechanisms around it? So that we can recognize a breach or noncompliance and good performance. And then there is reporting, not only against our service level agreements, but in terms of the decisions being made. How frequently do we make those reports and who are the audience who receive the reports? The steering committee might not need to know all of the small decisions, but it certainly needs to understand that they're being made in a proper way, and there's due diligence being followed. And importantly, again, we need to be able to audit and review those decisions, so there is visibility and accountability. So in summary, governance is critical for success and benefit realization when we've moved to the cloud and it's in its cloud operational environment. It all hinges around clarity of roles, accountabilities, decision making, and risk management.
